CVE-2020-16270P3MEDIUMCVSS 6.1fixed in 3.3.392020-10-16
CVE-2020-16270 [MEDIUM] CWE-79 CVE-2020-16270: OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnera
OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim’s browsers in context of vulnerable applications. Executed code can be used to steal administrator’s cookies, influence HTML content of targeted application and perform phishing-related attacks. V
nvd